
check_priv.php File Reference

Tools for checking the security.


Functions

 CheckJrn ($p_dossier, $p_user, $p_jrn, $p_detail=False)
 Checks a user's access to a journal.
 CheckAction ($p_dossier, $p_login, $p_action_id)
 Check if a user is allowed to do an action.
 CheckIsAdmin ($p_user)
 Check if a user is an administrator.
 CheckDossier ($p_user, $p_dossier)
 Check if a user has access to a folder.


Detailed Description

Tools for checking the security.

Todo:
some of those tools are redundant with the class user and should be cleaned

Definition in file check_priv.php.


Function Documentation

CheckAction ($p_dossier, $p_login, $p_action_id)

Check if a user is allowed to do an action.

Parameters:
p_dossier dossier id
p_login user's login
p_action_id 
Returns:
  • 0 no priv
  • 1 priv granted

Definition at line 146 of file check_priv.php.

References $cn, $Res, CheckIsAdmin(), DbConnect(), and ExecSql().

00147 {
00148   if ( CheckIsAdmin ($p_login) ) return 1;
00149   $cn=DbConnect($p_dossier);
00150   $Res=ExecSql($cn,"select * from user_sec_act where ua_login='$p_login' and ua_act_id=$p_action_id");
00151   $Count=pg_NumRows($Res);
00152   if ( $Count == 0 ) return 0;
00153   if ( $Count == 1 ) return 1;
00154   echo "<H2 class=\"error\"> Invalid action !!! $Count select * from user_sec_act where ua_login='$p_login' and ua_act_id=$p_action_id </H2>";
00155 }
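
The listing above builds its query by interpolating $p_login and $p_action_id into the SQL text and, when more than one row matches, echoes the query into the page and ends without a return value. As an added example (not PhpCompta code), the same lookup with bound parameters and a definite deny result. Assumptions: check_action_bound() is a hypothetical name, PDO with in-memory SQLite stands in for the PostgreSQL connection from DbConnect(), the table rows are constructed, and the CheckIsAdmin() shortcut is left out.

```php
<?php
// Added example, not PhpCompta code. check_action_bound() is a hypothetical
// name; PDO with in-memory SQLite stands in for the PostgreSQL connection
// that DbConnect() returns, so the block runs offline.

/** Returns 1 if the login holds exactly one grant for the action, else 0. */
function check_action_bound(PDO $cn, string $login, $action_id): int
{
    // The listing places ua_act_id in the query unquoted; accept digits only.
    if (!is_int($action_id)
        && !(is_string($action_id) && ctype_digit($action_id))) {
        return 0;
    }
    // Values travel as bound parameters, never as part of the SQL text.
    $st = $cn->prepare(
        'select count(*) from user_sec_act where ua_login = ? and ua_act_id = ?'
    );
    $st->execute([$login, (int) $action_id]);
    $count = (int) $st->fetchColumn();
    if ($count > 1) {
        // Duplicate grants are a data problem: record it server-side instead
        // of echoing the query into the page, and still return a value.
        error_log("user_sec_act: $count rows for one login/action pair");
    }
    return $count === 1 ? 1 : 0;   // anything but a single grant is a deny
}

// Constructed sample data.
$cn = new PDO('sqlite::memory:');
$cn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$cn->exec('create table user_sec_act (ua_login text, ua_act_id integer)');
$cn->exec("insert into user_sec_act values ('alice', 3), ('o''brien', 7)");

var_dump(check_action_bound($cn, 'alice', 3));      // existing grant
var_dump(check_action_bound($cn, "o'brien", '7'));  // quote in login is plain data
var_dump(check_action_bound($cn, 'alice', 'x3'));   // non-numeric id is refused
var_dump(check_action_bound($cn, 'alice', 4));      // no matching row
```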

CheckDossier ($p_user, $p_dossier)

Check if a user has access to a folder.

Parameters:
user 
p_dossier concerned folder
Returns:
1 if yes, 0 if no

Definition at line 192 of file check_priv.php.

References $cn, $sql, CheckIsAdmin(), CountSql(), and DbConnect().

00193 {
00194   if ( CheckIsAdmin ($p_user) ) return 1;
00195   $cn=DbConnect();
00196   $sql="select  dos_id from ac_users 
00197                   natural join jnt_use_dos 
00198                   natural join  ac_dossier 
00199                   join  priv_user on ( priv_jnt=jnt_id)
00200           where use_active=1 
00201          and use_login='$p_user' 
00202          and dos_id='$p_dossier' 
00203          and priv_priv != 'NO'";
00204   return CountSql($cn,$sql);
00205 
00206 }

CheckIsAdmin ($p_user)

Check if a user is an administrator.

Parameters:
$p_user user login
Returns:
  • 0 if no
  • 1 if yes

Definition at line 167 of file check_priv.php.

References $cn, $sql, CountSql(), and DbConnect().

Referenced by CheckAction(), CheckDossier(), and CheckJrn().

00168 {
00169   if ( $p_user == 'phpcompta') return 1;
00170   $sql="select use_id from ac_users where use_login='$p_user'
00171                 and use_active=1 and use_admin=1 ";
00172   $cn=DbConnect();
00173   
00174   $isAdmin=CountSql($cn,$sql);
00175 
00176 
00177   return $isAdmin;
00178 
00179 }

CheckJrn ($p_dossier, $p_user, $p_jrn, $p_detail = False)

Checks a user's access to a journal.

Parameters:
  • $p_dossier the dossier
  • $p_user the user's login
  • $p_jrn the journal
gen:
  • none
Returns:
  • 0 no access
  • 1 read
  • 2 write

Definition at line 46 of file check_priv.php.

References $cn, $Res, $Res2, CheckIsAdmin(), CountSql(), DbConnect(), echo_debug(), and ExecSql().

Referenced by ShowMenuJrnUser().

00047 {
00048   if ( CheckIsAdmin( $p_user) == 1 ) return 2;
00049   $cn=DbConnect($p_dossier);
00050   // Special
00051   // p_jrn = 0 ==> general ledger access if there is no uj_prix=X
00052   // or detail
00053   if ( $p_jrn == 0 ) {
00054     if ( $p_detail == false) {
00055       //    $n_jrn=CountSql($cn,"select jrn_def_id from jrn_def");
00056       $n_for=CountSql($cn,"select jrn_def_id,uj_priv 
00057                  from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
00058                     where uj_login='$p_user' and uj_priv='X'");
00059       if ( $n_for == 0 ) 
00060         return 2;
00061       else 
00062         return 0;
00063     } else {
00064       // For a detail, at least one jrn must be accessible
00065       $n_for=CountSql($cn, " select jrn_def_id,uj_priv 
00066                  from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
00067                     where uj_login='$p_user' and uj_priv !='X'");
00068       if ( $n_for == 0 ) 
00069         return 0;
00070       else 
00071         return 2;
00072     }
00073     
00074  
00075   }
00076 
00077   // specific right
00078   $Res2=ExecSql($cn,"select jrn_def_id,uj_priv 
00079                  from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
00080                     where uj_login='$p_user' and jrn_def_id=$p_jrn");
00081 
00082   $PrivJrn=pg_NumRows($Res2);
00083   $cn=DbConnect();
00084   // default right
00085   $Res=ExecSql($cn,"  select * 
00086                        from ac_users left join jnt_use_dos using (use_id) 
00087                        left join priv_user on (priv_jnt=jnt_id) 
00088                       where use_login='$p_user' and
00089                        dos_id=$p_dossier");
00090 
00091   $DefRight=pg_NumRows($Res);
00092   echo_debug ("PrivJrn = $PrivJrn DefRight $DefRight");
00093   // If the default rights == 0, the user has no access to the dossier
00094   if ( $DefRight == 0 ) return 0;
00095   $Def=pg_fetch_array($Res,0);
00096 
00097   // If the default rights == NO, the user has no access to the dossier
00098   if ( $Def['priv_priv'] == "NO" ) return 0;
00099 
00100   if ( $Def['priv_priv'] == "W") {
00101   // If the default right == write
00102     if ( $PrivJrn == 0 ) {
00103       // No specific right on the jrn => default right = W
00104       return 2;
00105     }
00106     $Priv=pg_fetch_array($Res2,0);
00107     
00108     if ( $Priv['uj_priv'] == "X" ) return 0;
00109     if ( $Priv['uj_priv'] == "R" ) return 1;
00110     if ( $Priv['uj_priv'] == "W" ) return 2;
00111     echo '<H2 class="error"> Undefined right</H2>';
00112     echo_debug ("Droit Journal $Priv[uj_priv]");
00113     return 0;
00114   }
00115   if ( $Def['priv_priv'] == "R") {
00116   // If the default right == read
00117     if ( $PrivJrn == 0 ) {
00118       // No specific right on the jrn => default right = read
00119       return 1;
00120     }
00121     $Priv=pg_fetch_array($Res2,0);
00122     
00123     if ( $Priv['uj_priv'] == "X" ) return 0;
00124     if ( $Priv['uj_priv'] == "R" ) return 1;
00125     if ( $Priv['uj_priv'] == "W" ) return 2;
00126     echo_debug ("Droit Journal $Priv[uj_priv]");
00127     echo '<H2 class="error"> Undefined right</H2>';
00128     return 0;
00129   }
00130   echo '<H2 class="error"> Undefined default right</H2>';
00131   return 0;
00132 
00133 }